DPRIVE - see the DPRIVE document website
draft-ietf-dprive-bcp-op-00 | Recommendations for DNS Privacy Service Operators | Describes Best Current Practices for operators of DoT and DoH servers in terms of protocol, service and privacy policy considerations. |
RFC7626 | DNS Privacy Considerations | This document describes the privacy issues associated with the use |
RFC7858 | Specification for DNS over TLS | This document describes the use of TLS to provide privacy for DNS. |
RFC7830 | The EDNS(0) Padding Option | This document specifies the EDNS(0) 'Padding' option, which allows |
RFC8467 | Padding Policy for EDNS(0) | Specifies the preferred algorithm for padding with the option defined in RFC7830 |
RFC8310 | Usage Profiles for DNS over TLS and DNS over DTLS | This document describes how a DNS client can use a domain name to authenticate a DNS server that uses Transport Layer Security (TLS) and Datagram TLS (DTLS). Additionally, it defines (D)TLS profiles for DNS clients and servers implementing DNS-over-TLS and DNS-over-DTLS. |
RFC8094 | Specification for DNS over Datagram Transport Layer Security (DTLS) | |
draft-ietf-dprive-eval | Evaluation of Privacy for DNS Private Exchange (expired) | This document describes methods for measuring the |
DNSOP
RFC7766 | DNS Transport over TCP - Implementation Requirements | This document specifies the requirement for support of TCP as a transport |
RFC7816 | DNS Query Name Minimisation to Improve Privacy | |
RFC7828 | The edns-tcp-keepalive EDNS0 Option | This document defines an EDNS0 option ("edns-tcp-keepalive") that allows DNS clients and servers to signal their respective readiness to conduct multiple DNS transactions over individual TCP sessions. |
DOH
RFC8484 | DNS Queries over HTTPS (DoH) | Document describing the protocol aspects of running DNS over HTTPS. |
Other
RFC5246 | The Transport Layer Security (TLS) Protocol |
RFC7525 | Recommendations for Secure Use of TLS and DTLS |
RFC7413 | TCP Fast Open |
Also see the DNS Privacy Workshop pages!
T-DNS: Connection-Oriented DNS to Improve Privacy and Security (Duane Wessels)
getdns-api implementation (Willem Toorop)
T-DNS: Connection-Oriented DNS to Improve Privacy and Security (http://www.isi.edu/publications/trpublic/files/tr-693.pdf)